anonymous@myrealm) for the Roaming Identity rather than a true identity.
Step 3 of 3: EAP-FAST Server
Authenticated-TLS-Server Provisioning Mode is supported using a trusted CA certificate, a self-signed server
certificate, or server public keys and GTC as the inner EAP method.
1. Select one of the following credential retrieval methods:
Validate Server Certificate or Specify Server or
Certificate Name.
2. Click OK to close the security settings.
EAP-FAST User Settings
NOTE: If an Administrator Package was installed on a user's computer that did not apply the Cisco
Compatible Extensions, Version 4 Application Setting, only EAP-FAST User settings are available
for configuration.
To set up a client with EAP-FAST authentication:
1. Click Profiles on the Intel PROSet/Wireless main window.
2. On the Profile page, click Add to open the Create Wireless Profile General Settings.
3. Wireless Network Name (SSID): Enter the network identifier.
4. Profile Name: Enter a descriptive profile name.
5. Operating Mode: Click Network (Infrastructure).
6. Click Next to open the Security Settings.
7. Click Enterprise Security.
8. Network Authentication: Select WPA-Enterprise or WPA2-Enterprise.
9. Data Encryption: Select one of the following:
❍ TKIP provides per-packet key mixing, a message integrity check and a rekeying mechanism.
❍ AES-CCMP (Advanced Encryption Standard - Counter CBC-MAC Protocol) is used as the data
encryption method whenever strong data protection is important.
AES-CCMP is recommended.
10. Enable 802.1x: Selected.
11. Authentication Type: Select EAP-FAST to be used with this connection.
12. Click
Cisco Options to select Allow Fast Roaming (CCKM) which enables the client wireless adapter for
fast secure roaming.
EAP-FAST User
Select the credential retrieval method:
1. Select the user credentials:
Use Windows logon, Prompt each time I connect, or Use the following.
2. Allow automatic provisioning of Protected Access Credentials (PAC):
EAP-FAST uses a PAC key to protect the user credentials that are exchanged. All EAP-FAST authenticators are
identified by an authority identity (A-ID). The local authenticator sends its A-ID to an authenticating client, and
the client checks its database for a matching A-ID. If the client does not recognize the A-ID, it requests a new
PAC.
Click PACs to view any PACs that have already been provisioned and reside on this computer. A PAC must
have already been obtained to clear Allow automatic provisioning on the Security Settings.
NOTE: If the provisioned Protected Access Credential (PAC) is valid, Intel(R) PROSet/Wireless does not prompt
the user for acceptance of the PAC. If the PAC is invalid, Intel PROSet/Wireless fails the provisioning
automatically. A status message is displayed in the
Wireless Event Viewer that an administrator can review on
the user's computer.
To Next Page
Loading...
Need help?
General
